I was looking at out admin user log and noticed a user who hasn’t worked here in 8 months had logged in yesterday. the IP address wasn’t of our network and when I did some more digging this inactive user had logged in over 50 times in the past few months. It also showed our other admin (active user obviously) as logging in with the same IP and he says he didn’t log in yesterday. I personally know the former inactive user and there’s not a chance that person logged in. Anyway, ticket in with eCW and they confirmed the IP was their server and the logins were actually “glitches” to which they would apply a “patch”. I wasn’t really expecting much more of an answer.
Has anyone else had this happen? Maybe some of the cloud users here should go check your user logs for anything out of the ordinary.